SuSE: 2011-005: Linux kernel


 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) SuSE: 2011-005: Linux kernel
# 1  
Old 01-25-2011
SuSE: 2011-005: Linux kernel

LinuxSecurity.com: This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs. Following security issues were fixed: CVE-2010-4258: A local attacker could use a Oops (kernel crash) caused by other flaws to write a 0 byte to a attacker controlled address [More...]

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question
SUBDOMAIN.CONF(5)						     AppArmor							 SUBDOMAIN.CONF(5)

NAME
/etc/apparmor/subdomain.conf - configuration file for fine-tuning the behavior of the AppArmor security tool. DESCRIPTION
The AppArmor security tool can be configured to have certain default behaviors based on configuration options set in subdomain.conf. There are two variables that can be set in subdomain.conf: SUBDOMAIN_PATH, and SUBDOMAIN_MODULE_PANIC. SUBDOMAIN_PATH This variable accepts a string (path), and is by default set to '/etc/apparmor.d/' This variable defines where the AppArmor security tool looks for its policy definitions (a.k.a. AppArmor profiles). SUBDOMAIN_MODULE_PANIC This variable accepts a string that is one of four values: warn, build, panic, or build-panic, and is set by default to warn. This setting controls the behavior of the AppArmor initscript if it cannot successfully load the AppArmor kernel module on startup. The four possible settings are: warn Log a failure message (the default behavior). build Attempt to build the AppArmor module against the currently running kernel. If the compilation is successful, the module will be loaded and AppArmor started; if the compilation fails, a failure message is logged. panic Log a failure message and drop to runlevel 1 (single user). build-panic Attempt to build the module against the running kernel (like build) and if the compilation fails, drop to runlevel 1 (single user). BUGS
Setting the initscript to recompile the module will fail on SUSE, as the module source is no longer installed by default. However, the module has been included with the SUSE kernel, so no rebuilding should be necessary. If you find any additional bugs, please report them at <http://https://bugs.launchpad.net/apparmor/+filebug>. SEE ALSO
apparmor(7), apparmor_parser(8), and <http://wiki.apparmor.net>. AppArmor 2.7.103 2012-06-28 SUBDOMAIN.CONF(5)